Last year, I urged furries to stop using Telegram because it doesn't actually provide them with any of the privacy guarantees they think it gives them. Instead of improving Telegram's cryptography to be actually secure, the CEO started spreading misleading bullshit about Signal®. Since then, I've been flooded with people asking me about various other encrypted messaging apps…
WordPress 6.8 is due to switch their password hashing to bcrypt, and their application passwords to BLAKE2b.
Great news:
They disarmed the 72-char footgun with bcrypt in the way I recommended (HMAC, rather than just SHA2, to prevent hash shucking, and base64 to prevent NUL truncation).
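What that mitigation looks like in code, as an added illustration (not WordPress's own code, which is PHP): a small model of the two bcrypt input hazards (the 72-byte limit and NUL truncation) beside an HMAC-SHA384-then-base64 pre-hash. The pre-hash key, the sample passwords and the `naive_bcrypt_input` model are constructed for this example; the page does not state the exact constants WordPress uses.

```python
import base64
import hashlib
import hmac

# bcrypt only consumes the first 72 bytes of its input; C-string based
# implementations also stop at the first NUL byte.
BCRYPT_MAX_BYTES = 72

# Hypothetical domain-separation key for the HMAC pre-hash. The key WordPress
# actually uses is not stated on the page; any fixed, application-specific
# string works, because its job is domain separation, not secrecy.
PREHASH_KEY = b"example-app-bcrypt-prehash"


def naive_bcrypt_input(password: str) -> bytes:
    """Model the bytes a C bcrypt would actually hash from a raw password.

    Constructed model of bcrypt's input handling (NUL cut, then a 72-byte
    limit), not a bcrypt implementation.
    """
    raw = password.encode("utf-8")
    nul = raw.find(b"\x00")
    if nul != -1:
        raw = raw[:nul]
    return raw[:BCRYPT_MAX_BYTES]


def prehash_for_bcrypt(password: str, key: bytes = PREHASH_KEY) -> bytes:
    """Turn an arbitrary password into a safe bcrypt input.

    HMAC-SHA384 gives a 48-byte tag; base64 turns that into 64 printable
    ASCII bytes, so the result is under the 72-byte limit and can never
    contain NUL. A keyed HMAC rather than plain SHA-384 means a leaked
    bcrypt(HMAC(pw)) hash cannot be "shucked": a cracked SHA-384 hash of the
    same password from another breach tells the attacker nothing, because
    the inner value is not a plain SHA-384 digest.
    """
    tag = hmac.new(key, password.encode("utf-8"), hashlib.sha384).digest()
    return base64.b64encode(tag)


def collides_naively(a: str, b: str) -> bool:
    """True when two different passwords reach bcrypt as identical bytes."""
    return a != b and naive_bcrypt_input(a) == naive_bcrypt_input(b)


def collides_after_prehash(a: str, b: str) -> bool:
    """Same check with the pre-hash applied first."""
    return a != b and prehash_for_bcrypt(a) == prehash_for_bcrypt(b)


def hash_with_bcrypt(password: str) -> bytes:
    """Full pipeline when the third-party 'bcrypt' package is installed.

    Assumes bcrypt.hashpw / bcrypt.gensalt from the PyPI 'bcrypt' package.
    """
    import bcrypt  # not in the standard library
    return bcrypt.hashpw(prehash_for_bcrypt(password), bcrypt.gensalt())


if __name__ == "__main__":
    # Constructed samples: same first 72 bytes, different tail.
    long_a = "A" * 72 + "tail-one"
    long_b = "A" * 72 + "tail-two"
    # Constructed samples: an embedded NUL hides everything after it.
    nul_a = "hunter2\x00extra-entropy"
    nul_b = "hunter2"
    print("truncation collision, raw:     ", collides_naively(long_a, long_b))
    print("truncation collision, prehash: ", collides_after_prehash(long_a, long_b))
    print("NUL collision, raw:            ", collides_naively(nul_a, nul_b))
    print("NUL collision, prehash:        ", collides_after_prehash(nul_a, nul_b))
```

The two `collides_*` helpers make the failure mode concrete: with the raw password, the pairs above hash to the same bcrypt output; after the pre-hash, every distinct password produces a distinct 64-byte, NUL-free input.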
I just had the dumbest shitpost idea of the year. It might be peak slacktivism.
Compile a list of all the companies you never shop with.
Compile a list of companies that have rolled back their DEI programs.
For companies that are in both lists, email them insisting that you're boycotting them because of their embrace of racist, homophobic, etc. policies.
Even if nobody changes their shopping behavior, they'll still waste time and resources trying to measure the impact of this policy change, which is a net-negative for their business.
(But also, maybe actually boycott the ones that you can.)
My job involves auditing and developing cryptographic software.
Most developers don't understand cryptography.
Most developers shouldn't ever need to understand cryptography.
Most users understand it less than developers do!
A large unwritten part of my job responsibility involves talking developers down from the ledge when they think cryptography is easy.
Once in a blue moon, I have a conversation that looks like this:
Dev: "I don't get why more people don't add end-to-end encryption! It was really easy: I broke the plaintext into 256-byte blocks and encrypted them independently with their recipient's RSA 2048-bit public key. I wrote it using BigInts in my computer science class, and it just works."
Me: "Hey, that's horrifying and all, but before we get into the details, how do you know which public key to use?"
Dev: "Oh, I store it in MySQL! The encryption is done in JavaScript, so I never see plaintext."
This contrived dialogue may have tripped alarms in your mind, even if you're not a nightmare magic math specialist.
If so, this is the same kind of "oh noooooo" I feel whenever a protocol decides which algorithm to use based entirely on potentially attacker-controlled data.
Grabbing the algorithm from a message signature? Bozo bit flipped!
Grabbing the public key from the message signature? I'm over the moon. (Session does this, even though there's an external bit of logic binding it to the user's long-term birationally equivalent X25519 public key.)
The only acceptable way to do this is:
Have a randomly generated Key ID that points to a specific keypair.
Include this Key ID in the data being authenticated.
To figure out the algorithm to use for a given key, consult the key (not the signature or message).
And I still haven't even gotten to the actual part where messages would be encrypted or not, because I want to correctly tackle the hard problems around key management.
I've been rewriting drafts for a blog post since July 2023 about key management, and it's still deeply unsatisfying to me. I may never publish it at this rate.
Maybe I'm a terrible writer if I can't be easily understood on such a simple concept.
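The three-step Key ID scheme from the post above, written out as an added Python example that is not the author's code. HMAC stands in for the asymmetric signatures in the dialogue so the example runs with the standard library alone; the structure is the same for Ed25519 or RSA keys. The `Keyring`, `sign` and `verify` names and the sample payload are constructed for this illustration.

```python
import hashlib
import hmac
import json
import secrets

# Algorithm registry. HMAC stands in for the asymmetric signatures of the
# dialogue so this runs with the standard library only.
ALGORITHMS = {
    "hmac-sha256": hashlib.sha256,
    "hmac-sha512": hashlib.sha512,
}


class Keyring:
    """Step 1: a randomly generated Key ID points at one specific key."""

    def __init__(self):
        self._keys = {}  # kid -> (algorithm name, key bytes)

    def generate(self, algorithm: str) -> str:
        if algorithm not in ALGORITHMS:
            raise ValueError(f"unsupported algorithm: {algorithm}")
        kid = secrets.token_hex(16)  # random; not derived from the key
        self._keys[kid] = (algorithm, secrets.token_bytes(32))
        return kid

    def lookup(self, kid: str):
        # Step 3: the key record, not the message, says which algorithm to use.
        if kid not in self._keys:
            raise LookupError("unknown key id")
        return self._keys[kid]


def authenticated_bytes(kid: str, payload: str) -> bytes:
    """Step 2: the Key ID is inside the data that gets authenticated.

    Canonical JSON so signer and verifier serialize identically. There is
    deliberately no 'alg' field anywhere in the message.
    """
    return json.dumps({"kid": kid, "payload": payload},
                      sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign(keyring: Keyring, kid: str, payload: str) -> dict:
    """Produce a message whose tag covers both the Key ID and the payload."""
    algorithm, key = keyring.lookup(kid)
    tag = hmac.new(key, authenticated_bytes(kid, payload),
                   ALGORITHMS[algorithm]).hexdigest()
    return {"kid": kid, "payload": payload, "tag": tag}


def verify(keyring: Keyring, message: dict) -> bool:
    """Accept only if the tag is valid under the key the Key ID names.

    Anything else in the message (for instance an added 'alg' field) is
    ignored: it is not part of the authenticated bytes and it is never
    consulted for algorithm selection.
    """
    try:
        kid, payload, tag = message["kid"], message["payload"], message["tag"]
        algorithm, key = keyring.lookup(kid)
    except (KeyError, LookupError):
        return False
    if not isinstance(tag, str):
        return False
    expected = hmac.new(key, authenticated_bytes(kid, payload),
                        ALGORITHMS[algorithm]).hexdigest()
    return hmac.compare_digest(expected.encode("utf-8"), tag.encode("utf-8"))


if __name__ == "__main__":
    ring = Keyring()
    kid_256 = ring.generate("hmac-sha256")
    kid_512 = ring.generate("hmac-sha512")
    msg = sign(ring, kid_256, "transfer 10 coins to bob")  # constructed payload
    print("valid message:   ", verify(ring, msg))
    print("kid swapped:     ", verify(ring, dict(msg, kid=kid_512)))
    print("unknown kid:     ", verify(ring, dict(msg, kid="00" * 16)))
    print("alg field ignored:", verify(ring, dict(msg, alg="none")))
```

Because the Key ID is part of the authenticated bytes, pointing a valid message at a different key invalidates the tag rather than silently re-interpreting it under that key's algorithm; an unknown Key ID is rejected before any cryptography runs.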
Self-importance is an anchor. It can be useful in the proper environment, but it's dead weight otherwise.
Parasocial relationships and hero worship elevate others' importance. Narcissism elevates one's own importance. Neither of these things ends well.
While I appreciate when others are trying to be kind, it does sadden me a bit when people miss the point so broadly that they insist the contrary to me.
That post wasn't me trying to fish for compliments. I would never publish something so shallow or self-serving.
If I died suddenly, there would still be furries, hackers, and furry hackers. Most of the people in either camp would be unaffected by my absence.
The same cannot be said of the overworked staff at your local conventions, and so on.
If you want a good idea of who matters, look at all the kind and creative souls that make the things you enjoy in life possible.
The artists, musicians, and so on.
But also the folks that run their own Fediverse servers so you can keep in contact with your friends (and maybe meet new ones) without needing a government or corporation's permission (or to pay them the cost of admission, for that matter).
Think about the hundreds of volunteers that make each convention possible.
Think about the people in your life who have been kind to you in some small way.
I promise you your life would be immensely worse off without them. Without me? Not so much.
And even if you're one of the few people that has materially benefitted from my blog, the idea of a persistent continuous self is an illusion anyway.
We're different people throughout our lives. Sometimes drastically.
Would you say the same about me 20 years ago?
Will you be able to say the same in 20 years, with all the unforeseeable changes?
It's bizarre watching people realize slowly, in real time, that tech companies do not, in fact, have their backs.
They never did. They only pretended to because it was fashionable.
They would kill you and your entire family if it made their growth in profits increase by 0.1% this quarter, and they'd do it with a song in their hearts.
And they would do so without fear of prosecution, because they've basically bought out the entire political system through lobbying and can blatantly bribe Supreme Court Justices without consequence.
Why would they be incentivized to actually protect your privacy? Especially when your data is so valuable for growing their profits?
To a lot of business types, encryption isn't a question about privacy. It's about access controls. And they implicitly believe they get access.
So, too, will their buddies in the government.
You cannot, and should not, expect billionaires to have your backs. They don't give a fuck about you. They never will. Don't believe them.
Now, despite all the things we call "oracles" in cryptography, none of us can see the future. This is just the totally foreseeable consequences of the system as it existed yesterday.
I'd like to share a few thoughts on this matter.
The people should absolutely learn to break AI systems. I feel that this will become crucial to online privacy in the coming years.
But I also implore you to keep AI 0days secret. Don't disclose them publicly--especially to AI companies!
Feel free to share them privately with your friends (over E2EE chats) and only use them if they can help people.
And, to be clear, this is coming from Mr. "I drop 0day on my furry blog" himself.
Too Many People Don’t Value the Time of Security Researchers
It's really not my place to ever command respect from anyone; and that's not just because I'm a furry--which has always been towards the bottom of the geek hierarchy. I am well aware how little weight my words truly carry, even to other furries, as well as how little I really matter.
Earlier this week, I wrote a blog post succinctly titled, Don't Use Session. Two interesting things have happened since I published that blog: A few people expressed uncertainty about what I wrote about using Pollard's rho to attack Session's design (for which, I offered to write a proof of concept and report back with results), and Session wrote a blog claiming to rebut the claims made in that blog post.
He/him. Gay/demi dhole (Cuon Alpinus). Blogger, programmer, security engineer, cryptography nerd. 30+. Too spicy for Twitter (banned with all the prominent journalists on 2022-12-16). I don't represent any company, individual, or community.